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Log a result of the verification in an activity log 



Generate a usage report 



Analyze the transaction log to detect misuse 



FIG. 2 



40 



Activity Log 



May 2000 



Digital Certificate 1.234.5.6778.9 
Jon Smith (Primary Owner) 

10/15/99 10:02 AiM www.ainazon.com Office 

10/15/99 11:04 AM www.ebay.com Office 

10/15/99 09:36 PM www.amazon.com Home 

10/15/99 04:32 PM www.etoys.com Portable 
Susan Johnson (Delegate) 

10/15/99 10:02 AM www.healthcare.com Work 

10/15/99 10:05 AM www.healthcare.com Work 

10/15/99 10:08 AM www.healthcare.com Work 

10/15/99 10:09 AM www.healthcare.com Work 
Albert White (Delegate) 

10/15/99 07:42 AM www.healthcare.com Work 

10/15/99 11:07 AM www.bankone.com Work 



S15.25 
SI 00.25 
S56.65 
S25.65 

document accessed 
document submitted 
document accessed 
document accessed 

document accessed 
transfer S1,000 



Approved 
Approved 
Approved 
Approved 

Approved 
Approved 
Approved 
Approved 

Approved 
Rejected 
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delegator provides registration information to 
CSP 
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CSP checks registration Information and 
issues digital credential to delegator 
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DSP receives, from delegator, designation of 
delegate and role 






DSP receives, from CSP, an indication that 
designation is valid 
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DSP issues delegation credential 






DSP sends confirmation to delegator 

- ' 
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delegate requests access to service, from a 
relying party, that requires a digital credential 
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CSP receives delegation credential from 
delegate and access requirement from relying 
party 
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yes 



no 



obtain delegation credentials for delegator and 
determine if there is a credential that meet the 
access requirement 



.r<8 



instruct relying party to provide 
sen/ice 



provide delegate with a list of delegation 
credentials that meet access requirement 



delegate selects delegation credential from list 



delegation credential used to access service 
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receive confirmation code and identifier from 
delegate 



± 

identify delegator 



assign delegation credentials to delegate 



send message to delegator 



FIG. 8 



